package cn.edu.lzu.unitweb.realm;

import cn.edu.lzu.dao.PermissionMapper;
import cn.edu.lzu.dao.RoleMapper;
import cn.edu.lzu.entity.Examiner;
import cn.edu.lzu.entity.Permission;
import cn.edu.lzu.entity.Role;
import cn.edu.lzu.entity.Unit;
import cn.edu.lzu.service.ExaminerService;
import cn.edu.lzu.service.UnitService;
import cn.edu.lzu.unitweb.config.ExaminerSessionDao;
import com.fasterxml.jackson.annotation.JsonFormat;
import com.fasterxml.jackson.core.JsonToken;
import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.realm.Realm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Lazy;

import javax.annotation.Resource;
import java.sql.Date;
import java.sql.Timestamp;
import java.util.HashSet;
import java.util.List;
import java.util.Set;

/**
 * @PackageName: cn.edu.lzu.unitweb.realm
 * @ClassName: ExaminerRealm
 * @Description: TODO
 * @Author: 张琦[QQ:3098086691]
 * @Date: 2019/11/28 13:21
 * @Version: 1.0
 */
public class ExaminerRealm extends AuthorizingRealm {
    @Resource
    private ExaminerService examinerService;
    @Resource
    private UnitService unitService;
    @Resource
    private RoleMapper roleMapper;
    @Resource
    private PermissionMapper permissionMapper;

    /**
     * @Author: 张琦[QQ:3098086691]
     * @Description: TODO 授权
     * @Date: 2019/11/28 13:29
     * @Param: [principalCollection]
     * @Return: org.apache.shiro.authz.AuthorizationInfo
     **/
    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        Examiner examiner= (Examiner)SecurityUtils.getSubject().getPrincipal();
        SimpleAuthorizationInfo simpleAuthorizationInfo=new SimpleAuthorizationInfo();
        Set<String> roles=new HashSet<>();
        List<Role> roleList=roleMapper.selExaminerRoles(examiner.getExaminerId());
        for(Role role:roleList){
            roles.add(role.getRole());
        }
        List<Permission> permissionList=permissionMapper.selExaminerPermissions(examiner.getExaminerId());
        for(Permission permission:permissionList){
            simpleAuthorizationInfo.addStringPermission(permission.getPermission());
        }
        simpleAuthorizationInfo.setRoles(roles);
        return simpleAuthorizationInfo;
    }

    /**
     * @Author: 张琦[QQ:3098086691]
     * @Description: TODO 认证:通过登录时输入的账号在数据库中寻找对应的密码，然后将输入的密码经过加密算法加密后与之对比。
     * @Date: 2019/11/28 14:22
     * @Param: [authenticationToken]
     * @Return: org.apache.shiro.authc.AuthenticationInfo
     **/
    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken) throws AuthenticationException {
        Examiner examiner = examinerService.selectExaminerById(Long.valueOf(authenticationToken.getPrincipal() + ""));
        Unit unit = null;
        //确定不抛异常才更新‘上次登录时间’
        if (examiner != null) {
            unit = unitService.selectUnitById(examiner.getUnitId());
        }
        if (examiner == null) {
            throw new AuthenticationException("账号不存在");
        } else if (!unit.isDisabled()) {
            throw new LockedAccountException("您所在的单位已被停用！");
        } else if (!examiner.isStatus()) {
            throw new LockedAccountException("您的账号已被停用!");
        }
        SimpleAuthenticationInfo simpleAuthenticationInfo = new SimpleAuthenticationInfo(examiner, examiner.getPassword(), null, this.getName());
        return simpleAuthenticationInfo;
    }
}
